I've not investigated where NST stores it's black/whitelists, but in theory it would be easy to write a frontend to maintaining those lists. But, simply maintining the lists isn't enough - I guess NST needs to be notified that the list has changed so it can re-initialise itself.

So, how about a NST API for such things?

Going on from that, for a given site/customer, it would be nice to allow users to maintain their own black/whitelists, but I appreciate that it would be a pretty major overhaul of NST to implement...

For a start, NST isn't integrated into any mail servers, let-alone mail clients. To do this nicely, you'd expect the NST client component to integrate into, say, Outlook (and OE?) and allow interations such as "Always block this sender" and "Always allow this sender". Even if this did exist, NST only implements "global" black/whitelists, not per-user (i.e. "fred@foo.com is always allowed for Joe, but never allowed for Sue").

but i did have a thought about why this isnt as easy as we both think as you also have to make sure the whitelists/blacklists are unique to each user else you might get one user asking for a domain or email to be black listed and it effect other users.

So NST would have to do a lot more when checking mail

make sense?

Still would really like it, I reckon a web front end would be the best way

The whitelist from what I can see id stored in the sa\ruleset folder ina file called local.cf

Currently most of this could actually be easy to implemt - I can write a fairly quick perl script to read and modify the local.cf file.

But there are several issues.... with the current NST whitelists apply to all e-mail users, so you probably still need some way to get a vote or concurrence. Otherwise you could have one person tell NST to accept mail which might be spam to someone else.

An alternative is to let SpamAssassin do its job... use sample good and bad e-mails to train SA.

The default spamassissin has an "autowhitelist" feature that learns mail that is okay to send through by domain... if you get your users to send in "good" e-mail to SA in the "ham" (good stuff) mode it will learn that sender is trust worthy. At the same time if you have some users who don't like the sender - they can tell SA to consider it as spam...

I've been doing the training routine now for about six months and it works pretty good. I've pretty much eliminated most of the e-bay phising e-mails while still allowing the real ones to come through. It took about fifteen or twenty samples of phish for SA to learn - but it and I could see the scoring change accordingly.